Thanks a lot for your response Paul. if you are ever in my neck of Canada I really need to buy you a lot of beer...
> But didn't work out > > when they tried it. > > Are you saying it worked in the past ? Negative. Though they are pretty resourceful and have been known to hook several routers up to a modem to bypass the problem... > both are correct. The best solution _is_ to migrate to XAUTH/IPsec, > except that the windows users will need to download a (free) Windows > client that knows XAUTH, as Microsoft is unwilling to add support for it > (Windows and blackberry are the last OSes I know if that don't support > XAUTH). Okay, once I learned that windows doesnt' support xauth I found an FAQ where microsoft claims xauth contains unfixable security flaws and has been rejected for IETF standardization. I can find no supporting evidence of this on google, is there anything to it? > There is a nice free client called Shrew Soft VPN for Windows. > > > I read the man page for ipsec.conf and the README.XAUTH files, among a > > bunch of other things from google, but I haven't been able to get it > > working yet and I am a bit confused about how the roles shift around; it > > seems xauth fills a lot of the functions I currently use xl2tpd for... > > That's right. No more L2TP daemons required. All you need is a > configuration with libreswan similar to: Okay, I will check out shrew soft and play around with this a bit. Thanks again for the feedback... _______________________________________________ Swan mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan
